Hacking is as easy as TV and movies make it seem. That is, if you download Firesheep.


Firesheep is a Firefox add-on created by freelance software developer Eric Butler. This free program, released in October 2010, allows anyone to view others’ Internet activity on an unsecured Wi-Fi network. Not only does Firesheep let you view someone else’s activity, you can actually log on to other people’s Facebook, Twitter, eBay, Amazon, etc. accounts and effectively usurp that person’s online identity. You can view and send private messages, emails, etc. while logged into someone’s account.

Butler told the New York Times, “I released Firesheep to show that a core and widespread issue in Web site security is being ignored… It points out the lack of end-to-end encryption.” While your password to sites like Facebook is encrypted, your web browser’s cookie is often not. Firesheep recognizes these cookies and bypasses the encrypted password protection. Unless you’re on an https site, your web browsing activity can be viewed by Firesheep. I downloaded it here and tried it in Bailey Howe Library, but it didn’t work because the UVM network is a secured VPN network. Most sites don't have end-to-end encryption because of the engineering costs and resulting slow speeds. A good way to know whether your web browsing is visible is to check whether the URL begins with https, or to look for that little lock somewhere at the top of your browser.
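From the site operator's side, the gap described above shows up as session cookies set without the `Secure` attribute, which the browser will then send on any plain http request. The following is an added example, not part of the original post or of Firesheep: it audits a constructed list of `Set-Cookie` headers, and the cookie names and values are made up for illustration.

```python
# Added example: find cookies that a browser would send over unencrypted HTTP.
from dataclasses import dataclass


@dataclass
class CookieFlags:
    name: str
    secure: bool     # True: browser only sends the cookie over https
    http_only: bool  # True: page scripts cannot read the cookie


def parse_set_cookie(header_value: str) -> CookieFlags:
    """Parse one Set-Cookie header value into its name and security flags."""
    parts = [p.strip() for p in header_value.split(";")]
    # The first part is name=value; the value itself may contain '='.
    name, _, _value = parts[0].partition("=")
    # Attribute names are case-insensitive; flags such as Secure carry no value.
    attrs = {p.partition("=")[0].strip().lower() for p in parts[1:] if p}
    return CookieFlags(
        name=name.strip(),
        secure="secure" in attrs,
        http_only="httponly" in attrs,
    )


def cookies_exposed_on_http(set_cookie_headers: list[str]) -> list[CookieFlags]:
    """Return the cookies lacking Secure, i.e. readable on an open network."""
    parsed = [parse_set_cookie(h) for h in set_cookie_headers]
    return [c for c in parsed if not c.secure]


# Constructed sample: headers a site might send after an encrypted login.
SAMPLE_HEADERS = [
    "session_id=abc123; Path=/; HttpOnly",          # no Secure: exposed
    "auth_token=def456; Path=/; Secure; HttpOnly",  # protected in transit
    "prefs=dark; Path=/; Max-Age=3600",             # no Secure: exposed
    "csrf=ghi789; Path=/; SECURE; SameSite=Lax",    # flag matched in any case
]

if __name__ == "__main__":
    for c in cookies_exposed_on_http(SAMPLE_HEADERS):
        print(f"{c.name}: sent over plain HTTP (HttpOnly={c.http_only})")
```

Note that `HttpOnly` alone does not help here: it hides the cookie from page scripts, not from someone watching the network.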

You can read about a creepy experiment by a columnist on CNN here. Your own mindfulness is the best way to be sure your information is secure. Don't deal with sensitive information on a Wi-Fi hotspot, or use Firesheep to see if any of your own accounts pop up when you’re on an unsecured Wi-Fi network, and log out.



It's Monday 4/4 and I just left CCS class to go do some work downtown. While I was on Bruegger's free Wi-Fi I tried Firesheep and creeped myself out. I was able to hack into the Facebook account of a girl sitting two tables away from me: view her messages, edit her information, etc. I could have struck up a conversation on FB chat with some of our mutual friends. I didn't mess with any of her stuff though (ethical 'hacker'). Maybe I should have told her that she was at risk? I didn't; I figured she would be thoroughly sketched out.

I did, however, open my Twitter account in Chrome and tweet from my hacked entry through Firefox. Check it out: